Personal certificates
Here you can find information about personal certificates at KTH.
Personal certificates can be downloaded at cert-manager.com/customer/sunet/idp/clientgeant .
As Institution, choose KTH Royal Institute of Technology; you may also need to allow Sectigo to receive your name and email address.
To download a certificate you must be registered as a student or employee. KTH must also have verified your identity, typically by showing your passport or ID at KTH Entré. If you identity is not verified, your download will be denied:
Contact it-support@kth.se in this case.
Otherwise, verify that your name is correct – the spelling must match your passport or ID, otherwise KTH's information must be updated – and choose
Certificate Profile: GÉANT Personal Certificate |
If you let Sectigo generate the certificate, enter a password for encryption. You will receive the certificate in a PKCS#12 formatted file, as certs.p12. You can (using the password) import this in web browsers, email clients, etc.
Note: Do not click the SUBMIT button multiple times. This may accidentally generate multiple certificates.
Locally generated key and CSR
To genereate the certificate yourself, e.g. using OpenSSL, create a directory and cd to it. You may want to have the current date in the directory name, and again, the spelling of your name must be correct! Then do
openssl req -new -newkey rsa:2048 -out usercert_request.pem -keyout userkey.pem -subj '/CN=My Name'
chmod go= userkey.pem
In Sectigo's portal, then choose Upload CSR and upload the usercert_request.pem you created. You will receive the certificate in PEM format, as certs.pem. Using this you can create a PKCS#12 file that can be imported in browsers, etc.:
openssl pkcs12 -export -inkey userkey.pem -in certs.pem -out certs.p12
You will need to set a password that will be used when you import the certificate.
IGTF/Grid-certifikat
Grid certificates are used to access Grid resources, for example using GSI-OpenSSH (gsissh), a part of the Grid Community Toolkit maintained by Grid Community Forum .
Grid certificates are downloaded just like personal certificates, except that you should select
Certificate Profile: GÉANT IGTF_MICS Personal |